<?php
#基础函数
include_once('_path.php');

#通用函数
include_once(_CONST_LOCAL_INCLUDE_PATH."common.php");

#db
include_once(_CONST_LOCAL_INCLUDE_PATH."database.class.php");
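$database = new Database($db_vars);

// Read the submitted fields defensively: a missing or non-string field becomes ''
// instead of raising a notice or reaching trim() as an array.
// The username is taken from the POST body like the other fields, so a
// query-string or cookie value with the same name cannot shadow what the form sent.
$action = (isset($_POST['act']) && is_string($_POST['act'])) ? trim($_POST['act']) : '';
$username = (isset($_POST['username']) && is_string($_POST['username'])) ? trim(strtolower($_POST['username'])) : '';
// NOTE(review): the password is trimmed before hashing, as before; stored digests
// presumably depend on that, so it is kept.
$password = (isset($_POST['password']) && is_string($_POST['password'])) ? trim($_POST['password']) : '';
$postedToken = (isset($_POST['token']) && is_string($_POST['token'])) ? trim($_POST['token']) : '';

// Anti-CSRF check. Both sides must be non-empty: with the former loose `==`,
// an empty posted token matched a session that had no token yet, and
// numeric-looking strings could compare equal. hash_equals() is used where
// available (PHP >= 5.6); otherwise fall back to a strict comparison.
// NOTE(review): assumes the session is started by one of the includes above — confirm.
$sessionToken = (isset($_SESSION['token']) && is_string($_SESSION['token'])) ? $_SESSION['token'] : '';
$tokenValid = false;
if ($postedToken !== '' && $sessionToken !== '') {
	$tokenValid = function_exists('hash_equals')
		? hash_equals($sessionToken, $postedToken)
		: ($sessionToken === $postedToken);
}

// Issue a fresh single-use form token on every request. It is rotated before the
// login branch so that it is stored even when that branch redirects and exits.
// Prefer a CSPRNG; the uniqid()/time() digest is kept only as a legacy fallback
// because it is derived from the clock and therefore guessable.
if (function_exists('random_bytes')) {
	$token = bin2hex(random_bytes(16));
} elseif (function_exists('openssl_random_pseudo_bytes')) {
	$token = bin2hex(openssl_random_pseudo_bytes(16));
} else {
	$token = md5(uniqid().time());
}
$_SESSION['token'] = $token;

// User login
if ($action === 'login' && $tokenValid) {
	// string_sql() is defined outside this file; the query below is only safe if it
	// both quotes and escapes its argument.
	// NOTE(review): confirm, or use a prepared statement if Database offers one.
	$quote['username'] = string_sql($username);
	// NOTE(review): passwords are matched as unsalted MD5 digests. Moving to
	// password_hash()/password_verify() requires migrating the stored
	// customers.password values, so the digest is left unchanged here.
	$quote['password'] = string_sql(md5($password));
	// A space is now emitted before AND; previously the keyword was glued to the
	// preceding value and the statement only parsed because of the closing quote.
	$term2 = $database->queryFirst("SELECT id FROM customers WHERE company_no=".$quote['username']." AND password=".$quote['password']);
	if (!$term2) {
		// Generic failure message: does not reveal whether the registration
		// number or the password was wrong.
		echo "<script>alert('请输入正确的企业注册号或密码');</script>";
	} else {
		// Give the authenticated session a new id so an id that was known
		// before login is not carried over (session fixation).
		session_regenerate_id(true);
		$_SESSION['user_id'] = $term2['id'];
		$_SESSION['name'] = $username;
		header("Location:"._CONST_WEB_URL ."ucenter/com-home.html");
		// Stop here: without exit the login form below would still be rendered
		// and sent along with the redirect.
		exit;
	}
}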
?>
<!DOCTYPE HTML>
<html>
<head>
	<meta charset="UTF-8">
	<title>用户登录-Haiersi•GL-海尔斯管历健康服务网</title>
	<link href="media/css/reset.css" rel="stylesheet" type="text/css"/>
	<link href="media/css/base.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="media/js/jquery-1.4.2.min.js"></script>
        <script type="text/javascript" src="media/js/jquery.validate.min.js"></script>
        <script type="text/javascript">
jQuery.noConflict();
jQuery(function($) {
  $('#loginForm').validate({
  });
});
</script>
</head>
<body>
<div class="wrapper">
	<div class="header clearfix">
		<a  class="logo fl" href="index.html"><h1>Hesgl</h1></a>
		<ul class="nav fr clearfix">
			<li class="cur"><a href="index.html">首页</a></li>
			<li><a href="about-us.html">关于我们</a></li>
			<li><a href="services.html">我们的服务</a></li>
			<li><a href="approach.html">我们的方法</a></li>
			<li><a href="health.html">企业健康管理</a></li>
			<li><a href="news.html">新闻</a></li>
			<li class="last"><a href="contacts.html">联系我们</a></li>
		</ul>
	</div>

    <div class="content clearfix">
    	<h2 class="con-title">用户登录</h2>
        <div class="main">
       		<div class="nav-tab">
				<ul>
					<li><a href="login-personal.html">个人用户登录</a></li>
					<li class="selected"><a href="login-company.html">企业用户登录</a></li>

				</ul>
			</div>
 <form name="loginForm" id="loginForm" action="" method="POST">
			<div class="box-con">
				<div class="box-con-a">
					<table class="table-input">
						<tr>
							<td class="title">企业注册号</td>
							 <td><input type="text" size="30" name="username" id="username" class="required"></td>
						</tr>
						<tr>
							<td class="title">密码：</td>
							 <td><input type="password" size="30" name="password" id="password" class="required"></td>
						</tr>

						<tr>
							<td class="title"> </td>
							<td><input type="submit" name="" value="登录" class="btnA" /><input type="reset" name="" value="取消" class="btnB" />
                                                                <input type='hidden' id="act" name="act" value="login"/>
                                                                <input type='hidden' id="token" name="token" value="<?=$token ?>"/>
                                                        </td>
						</tr>
					</table>
				</div>
				<div class="box-con-m"></div>
			</div>
 </form>
        </div>

    </div>
	<div class="footer">
	    <p class="copyright">Copyright © 2011 Hesgl.com All Rights Reserved</p>
	</div>
</div>
</body>
</html>

